Introduction :-

Finally, it is over 😀. Next up is MySQL Injection, which is a really interesting topic to cover.

As we move forward in this course, the challenges provided in the lab will get harder and more interesting to solve, and they are a fun way to learn more about your own skills and about how the web application works.

Being able to find these kinds of vulnerabilities in most web applications is the most important thing in learning ethical hacking and penetration testing, and it leads to better web penetration tests and good results to show in your reports.

Explanation :-

So this last example is a DOM XSS example. Since most of you may not know what DOM Cross Site Scripting is, the first question you must have had is: what is DOM Based XSS?

Definition

DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner. That is, the page itself (the HTTP response that is) does not change, but the client side code contained in the page executes differently due to the malicious modifications that have occurred in the DOM environment.

This is in contrast to other XSS attacks (stored or reflected), wherein the attack payload is placed in the response page (due to a server side flaw).

This is the best definition of DOM based XSS. One thing I want to make clear is that while testing for DOM XSS you should try it on different web browsers and browser versions, because the result does depend on the browser.
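The definition above in code, as an added example that is not from the original post: the HTTP response is fixed, but a client-side script reads an attacker-influenced DOM source (the URL fragment, which never reaches the server) and writes it into an HTML sink. The `location` object is a constructed stand-in so the example runs offline in Node; each function returns the string the browser sink would receive.

```javascript
// Added example, not code from the original post. Models the DOM XSS
// pattern: the page's own script turns a DOM source into a DOM sink.

// Source: the fragment after '#' stays in the browser, so server-side
// filtering and server logs never see it. Malformed percent-encoding
// is treated as an empty name instead of throwing a URIError.
function nameFromFragment(location) {
  const hash = location.hash || '';
  const raw = hash.startsWith('#') ? hash.slice(1) : hash;
  try {
    return decodeURIComponent(raw);
  } catch (e) {
    return '';
  }
}

// Vulnerable pattern: the raw value goes straight to an HTML sink.
// Equivalent browser code: el.innerHTML = 'Welcome ' + name;
// Any markup in the fragment is handed to the HTML parser unchanged.
function renderUnsafe(location) {
  return 'Welcome ' + nameFromFragment(location);
}

// Escape the five characters that carry meaning in element content
// and quoted attribute values.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened pattern: same innerHTML sink, but the untrusted part is
// escaped first so the parser sees inert text, not tags.
// (Where no markup is needed at all, el.textContent = ... is simpler
// and removes the sink entirely.)
function renderEscaped(location) {
  return 'Welcome ' + escapeHtml(nameFromFragment(location));
}

// Constructed sample: a link whose fragment carries markup, not a name.
const sampleLocation = { hash: '#%3Cb%3Einjected%3C%2Fb%3E' };
console.log(renderUnsafe(sampleLocation));   // Welcome <b>injected</b>
console.log(renderEscaped(sampleLocation));  // Welcome &lt;b&gt;injected&lt;/b&gt;
```

Because the fragment is a client-only source, the proof that a page is affected comes from the browser (or a browser-based tool like the one mentioned below), not from server-side logs.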

Testing Tools and Techniques

Minded Security has been doing some significant research into DOM based XSS. They are working on two projects to help with DOM Based XSS:

1. The DOMinator Tool – A commercial tool based on the Firefox browser with a modified SpiderMonkey JavaScript engine that helps testers identify and verify DOM based XSS flaws.

2. The DOM XSS Wiki – The start of a knowledge base for defining sources of attacker-controlled input and sinks that could potentially introduce DOM Based XSS issues. It is very immature as of 11/17/2011. Please contribute to this wiki if you know of more dangerous sinks and/or safe alternatives!